ci(security): add openssf scorecard github action #1
Annotations
2 errors
Scorecard analysis
Create Artifact Container failed: The artifact name SARIF file is not valid. Request URL https://pipelinesghubeus2.actions.githubusercontent.com/PQ0BONWSTlpfKuFCvNCn3T2TMaUDtBdvTIzvyjL2anbe2fiA28/_apis/pipelines/workflows/13199277726/artifacts?api-version=6.0-preview
|
Error
ossf/scorecard-action@0864cf19026789058feabb7e87baa5f140aac736 is not allowed to be used in HibiscusCollective/hibikey. Actions in this workflow must be: within a repository owned by HibiscusCollective or matching the following: ossf/scorecard-action, step-security/harden-runner, actions/*, github/codeql-action/*.
|